/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
The US Department of Justice (DoJ) has demanded computer
usage related information from 40 odd service providers, search companies,
security software companies, and others. These companies include Google,
Microsoft, Symantec, AOL, Verizon, Earthlink, Comcast Cable, and Yahoo. Some
have compiled, some may, while some
have refused. Google's refusal has led to widespread media coverage. The
DoJ's subpoenas are meant to aid efforts to uphold the Child Online Protection
Act—which has not been passed
because it apparently, is not constitutionally sound.
In India, the government is asking all mobile phone
companies to ensure that for all connections, the prospective subscriber submits
a proof of identity and a proof of address, and the company verifies it before
activating a phone connection. This is required for security reasons. Currently,
there is no debate on the constitutional soundness, but there is considerable
debate about the impact on the workload and possible slowdown in the rate of
growth of connections.
| We simply have to deploy more and more technology to combat technology related crime |
Are such demands from governments correct? Will they really
help? Are they violating human rights? What will be the impact on activities
such as terrorism, crime, and pornography that are to be controlled? The right answers are dependent on which
side of the table you occupy. The privacy advocates, by and large claim that we
support the objectives, but this is not the right way to do it. You normally do
not hear too much about which is the right way. The law enforcers claim that
their only chance to prevent crime-as opposed to solving it-is by tracing
intention through prior information.
These debates are pretty academic. With more and more
transactions happening via computers and the Internet-there is no way that law
enforcing agencies can avoid keeping an eye on them. And there will always be a
flip side.
Take an example. Credit card companies invest heavily in
studying spending patterns to control fraud. I recently cancelled a card and
asked for a replacement because I had used the original one in a country with a
track record of fraud. When I attempted to use the new one for the first time
the transaction was declined — but I got a phone call within seconds — to
verify whether the new card was in the right hands. After which the transactions
were allowed to proceed. Technology was watching me—in a useful kind of way.
The same technology also keeps a track of all my transactions and knows
what I spend on and where. Sometimes it becomes an invasion of privacy. These
companies also keep a pattern of my spending and if there is a sudden deviation
the transaction is barred. Causes problems at times, but it does give security.
| With more and more transactions happening via computers and the Internet-there is no way that law enforcing agencies can avoid keeping an eye on them. And there will always be a flip side |
In these examples, technology is being used to provide a
service and prevent crime. It is quite obvious that technology will have to be
used to catch technology related crime. In the case of credit cards there is a
huge commercial benefit to the card provider and the user—and therefore, huge
amounts are spent on developing and deploying technology. Other types of crimes
are less easy to quantify and their deployment is diffused across any law
enforcement agencies. And the beneficiary is society at large. Hence, technology
deployment is less than desirable.
To my mind that is the real problem. We simply have to
deploy more and more technology to combat crime. There have to be mechanisms to
prevent random and unauthorized use. But resisting all forms of data sharing is
futile. It is neither practical nor useful.